[Cryptography] Insecure email might be an even bigger problem than we suspected

Wed Aug 24 14:45:43 EDT 2016

Over the past few months we have seen some very remarkable and quite
unexpected developments:

1) Donald Trump wins the GOP Primary.
2) Voters in the UK vote for Brexit.
3) Fox News abandons a longstanding policy of paying off sexual harassment
claims against senior management.
4) Trump appoints Breitbart staff to his campaign in an apparent bid to
pilot the launch of Trump News
5) Despite knowing that Trump plans to usurp them, Fox News curiously keeps
giving Trump free air time.

We also have the following observations

1) Cyber espionage attack against the DNC by the FSB and GRU
2) Cyber espionage attach against the New York Times by same parties [*]

Cui bono?

* Trump appoints Manafort as campaign manager
* Trump states that NATO Article 5 will only be enforced at his personal
whim
* Trump states that Russia has not invaded Ukraine
* Corbyn, leader of the UK Labour party states that NATO should be shut down
* Trump News would function as Russia Today USA edition

Note that I am not saying that I am 100% sure that these events are
connected or that they are the result of Russian covert operations. It is
however impossible to assert with confidence that there is no connection
and that we are not seeing the results of a Russian lamplighter operation
that has succeeded beyond the wildest expectations of the planners.

[*] When I first started writing this memo yesterday it was a private memo
for the managers of News Corporation. It was of course obvious that if the
Russians attacked the DNC they would attack the RNC as well. And there
would be no way to leverage that information without knowing which
journalists would be willing to make use of it, how they would react etc.
So an attack on other media would be an essential part of the attack. Fox
News is essentially the real RNC so they were an obvious target.

The way I would engineer such an attack would be to gather as much data
within the political campaigns and the media. Then look to 'nudge' parties
into making moves that I want them to. I ensure that potential litigants
against Fox discover that there are other potential lawsuits. I discover
who the private investigators that are being used by Fox are and I either
bribe them or feed them false information.

If you have someone's entire email history, manipulating them into taking
actions you want them to take becomes quite easy.

Which is why we absolutely must stop worrying about the 'terrorist' threat
if the NSA is unable to read all the email on the Internet and instead
start worrying about the threat posed by Putin's minions being able to read
all the email on the Internet.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160824/3b38fc9e/attachment.html>